UNPKG

@starship-ci/generator

Version:

Kubernetes manifest generator for Starship deployments

github.com/hyperweb-io/starship

hyperweb-io/starship

353 lines (352 loc) • 12.9 kB

JavaScript

"use strict"; var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) { if (k2 === undefined) k2 = k; var desc = Object.getOwnPropertyDescriptor(m, k); if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) { desc = { enumerable: true, get: function() { return m[k]; } }; } Object.defineProperty(o, k2, desc); }) : (function(o, m, k, k2) { if (k2 === undefined) k2 = k; o[k2] = m[k]; })); var __setModuleDefault = (this && this.__setModuleDefault) || (Object.create ? (function(o, v) { Object.defineProperty(o, "default", { enumerable: true, value: v }); }) : function(o, v) { o["default"] = v; }); var __importStar = (this && this.__importStar) || function (mod) { if (mod && mod.__esModule) return mod; var result = {}; if (mod != null) for (var k in mod) if (k !== "default" && Object.prototype.hasOwnProperty.call(mod, k)) __createBinding(result, mod, k); __setModuleDefault(result, mod); return result; }; Object.defineProperty(exports, "__esModule", { value: true }); exports.IngressBuilder = exports.IngressResourceGenerator = exports.IngressCertIssuerGenerator = void 0; const helpers = __importStar(require("../helpers")); /** * Cert Issuer generator for Ingress * Based on the Helm template: ingress/cert-issuer.yaml */ class IngressCertIssuerGenerator { config; constructor(config) { this.config = config; } generate() { if (!this.config.ingress?.enabled) { return []; } const name = this.config.ingress.certManager?.issuer || 'cert-issuer'; return [ { apiVersion: 'cert-manager.io/v1', kind: 'Issuer', metadata: { name, labels: { ...helpers.getCommonLabels(this.config), 'app.kubernetes.io/component': 'ingress', 'app.kubernetes.io/part-of': 'starship', 'app.kubernetes.io/name': name } }, spec: { acme: { server: 'https://acme-v02.api.letsencrypt.org/directory', email: 'devops@cosmoslogy.zone', privateKeySecretRef: { name }, solvers: [ { http01: { ingress: { class: this.config.ingress.type } } } ] } } } ]; } } exports.IngressCertIssuerGenerator = IngressCertIssuerGenerator; /** * Ingress resource generator * Based on the Helm template: ingress/ingress.yaml */ class IngressResourceGenerator { config; constructor(config) { this.config = config; } generate() { if (!this.config.ingress?.enabled) { return []; } const host = this.config.ingress.host?.replace('*.', '') || 'thestarship.io'; const ingressType = this.config.ingress.type; const issuer = this.config.ingress.certManager?.issuer || 'cert-issuer'; return [ { apiVersion: 'networking.k8s.io/v1', kind: 'Ingress', metadata: { name: `${ingressType}-ingress`, labels: { ...helpers.getCommonLabels(this.config), 'app.kubernetes.io/component': 'ingress', 'app.kubernetes.io/part-of': 'starship', 'app.kubernetes.io/name': `${ingressType}-ingress` }, annotations: { 'nginx.ingress.kubernetes.io/rewrite-target': '/$1', 'nginx.ingress.kubernetes.io/use-regex': 'true', 'cert-manager.io/issuer': issuer } }, spec: { ingressClassName: ingressType, tls: this.generateTlsConfig(host, ingressType), rules: this.generateIngressRules(host) } } ]; } generateTlsConfig(host, ingressType) { const tls = []; // Explorer TLS if (this.config.explorer?.enabled) { tls.push({ hosts: [`explorer.${host}`], secretName: `explorer.${ingressType}-ingress-tls` }); } // Registry TLS if (this.config.registry?.enabled) { tls.push({ hosts: [`registry.${host}`], secretName: `registry.${ingressType}-ingress-tls` }); } // Chains TLS this.config.chains?.forEach((chain) => { tls.push({ hosts: [`rest.${chain.id}-genesis.${host}`], secretName: `rest.${chain.id}-genesis.${ingressType}-ingress-tls` }); tls.push({ hosts: [`rpc.${chain.id}-genesis.${host}`], secretName: `rpc.${chain.id}-genesis.${ingressType}-ingress-tls` }); }); // Frontends TLS this.config.frontends?.forEach((frontend) => { tls.push({ hosts: [`${frontend.name}.${host}`], secretName: `${frontend.name}.${ingressType}-ingress-tls` }); }); return tls; } generateIngressRules(host) { const rules = []; // Explorer rules if (this.config.explorer?.enabled) { rules.push({ host: `explorer.${host}`, http: { paths: [ { pathType: 'ImplementationSpecific', path: '/(.*)', backend: { service: { name: 'explorer', port: { name: 'http' } } } } ] } }); } // Registry rules if (this.config.registry?.enabled) { rules.push({ host: `registry.${host}`, http: { paths: [ { pathType: 'ImplementationSpecific', path: '/(.*)', backend: { service: { name: 'registry', port: { name: 'http' } } } } ] } }); } // Chain rules this.config.chains?.forEach((chain) => { // REST endpoint rules.push({ host: `rest.${chain.id}-genesis.${host}`, http: { paths: [ { pathType: 'ImplementationSpecific', path: '/(.*)', backend: { service: { name: `${chain.id}-genesis`, port: { name: 'rest' } } } }, { pathType: 'ImplementationSpecific', path: '/faucet/(.*)', backend: { service: { name: `${chain.id}-genesis`, port: { name: 'faucet' } } } }, { pathType: 'ImplementationSpecific', path: '/exposer/(.*)', backend: { service: { name: `${chain.id}-genesis`, port: { name: 'exposer' } } } } ] } }); // RPC endpoint rules.push({ host: `rpc.${chain.id}-genesis.${host}`, http: { paths: [ { pathType: 'ImplementationSpecific', path: '/(.*)', backend: { service: { name: `${chain.id}-genesis`, port: { name: 'rpc' } } } } ] } }); }); // Relayer rules (only for hermes) this.config.relayers?.forEach((relayer) => { if (relayer.type === 'hermes') { rules.push({ host: `rest.${relayer.type}-${relayer.name}.${host}`, http: { paths: [ { pathType: 'ImplementationSpecific', path: '/(.*)', backend: { service: { name: `${relayer.type}-${relayer.name}`, port: { name: 'rest' } } } }, { pathType: 'ImplementationSpecific', path: '/exposer/(.*)', backend: { service: { name: `${relayer.type}-${relayer.name}`, port: { name: 'exposer' } } } } ] } }); } }); // Frontend rules this.config.frontends?.forEach((frontend) => { rules.push({ host: `${frontend.name}.${host}`, http: { paths: [ { pathType: 'ImplementationSpecific', path: '/(.*)', backend: { service: { name: frontend.name, port: { name: 'http' } } } } ] } }); }); return rules; } } exports.IngressResourceGenerator = IngressResourceGenerator; /** * Main Ingress builder * Orchestrates cert-issuer and ingress resource generation */ class IngressBuilder { config; generators; constructor(config) { this.config = config; this.generators = []; if (this.config.ingress?.enabled) { this.generators = [ new IngressCertIssuerGenerator(config), new IngressResourceGenerator(config) ]; } } generate() { return this.generators.flatMap((generator) => generator.generate()); } } exports.IngressBuilder = IngressBuilder;